Common Information
Type | Value |
---|---|
Value | User Execution |
Category | Attack-Pattern |
Type | Mitre-Ics-Techniques |
Misp Type | Cluster |
Description | Adversaries may rely on a targeted organization's user interaction for the execution of malicious code. User interaction may consist of installing applications, opening email attachments, or granting higher permissions to documents. Adversaries may embed malicious code or Visual Basic code into files such as Microsoft Word and Excel documents or software installers. Execution of this code requires that the user enable scripting or write access within the document. Embedded code may not always be noticeable to the user, especially in cases of trojanized software. |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2023-05-16 | 13 | Analyst Exercise: Phishing Analysis with Thunderbird and Talos ⚠️📧 | ||
Details | Website | 2023-05-16 | 6 | Trustwave Threat Hunt Team Uncovers Healthcare Industry Vulnerabilities | ||
Details | Website | 2023-05-15 | 5 | NVD - CVE-2023-20914 | ||
Details | Website | 2023-05-12 | 138 | Securonix Threat Labs Security Advisory: Latest Update: Ongoing MEME#4CHAN Attack/Phishing Campaign uses Meme-Filled Code to Drop XWorm Payloads | ||
Details | Website | 2023-05-12 | 16 | BlackSuit Ransomware Strikes Windows and Linux Users | ||
Details | Website | 2023-05-11 | 19 | Dissecting Rancoz Ransomware | ||
Details | Website | 2023-05-10 | 7 | Making Waves: TTP Intelligence Highlights in April | ||
Details | Website | 2023-05-10 | 20 | Unraveling Akira Ransomware | ||
Details | Website | 2023-05-09 | 12 | 3CX Supply Chain Campaign Technical analysis and POC | ||
Details | Website | 2023-05-05 | 42 | Sophisticated DarkWatchMan RAT Spreads Through Phishing Sites | ||
Details | Website | 2023-05-03 | 100 | New KEKW Malware Variant Identified in PyPI Package Distribution | ||
Details | Website | 2023-05-03 | 40 | BlackBit Ransomware: A Threat from the Shadows of LokiLocker | ||
Details | Website | 2023-05-02 | 54 | Polish Healthcare Industry Targeted by Vidar Infostealer Likely Linked to Djvu Ransomware | ||
Details | Website | 2023-04-28 | 32 | Citrix Users at Risk: AresLoader Spreading Through Disguised GitLab Repo | ||
Details | Website | 2023-04-26 | 15 | Threat Actor Selling New Atomic macOS (AMOS) Stealer on Telegram | ||
Details | Website | 2023-04-25 | 54 | Anomali Cyber Watch: Two Supply-Chain Attacks Chained Together, Decoy Dog Stealthy DNS Communication, EvilExtractor Exfiltrates to FTP Server | ||
Details | Website | 2023-04-24 | 892 | Vulnerability Summary for the Week of April 17, 2023 | CISA | ||
Details | Website | 2023-04-21 | 6 | Domino Malware Detection: Ex-Conti and FIN7 Threat Actors Collaborate to Spread a New Backdoor - SOC Prime | ||
Details | Website | 2023-04-21 | 23 | Qakbot Malware Continues to Morph | ||
Details | Website | 2023-04-20 | 56 | Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack | WeLiveSecurity | ||
Details | Website | 2023-04-20 | 65 | Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack | WeLiveSecurity | ||
Details | Website | 2023-04-20 | 481 | ATT&CK Changes | ||
Details | Website | 2023-04-19 | 178 | New TACTICAL#OCTOPUS Attack Campaign Targets US Entities with Malware Bundled in Tax-Themed Documents | ||
Details | Website | 2023-04-19 | 5 | NVD - CVE-2023-21083 | ||
Details | Website | 2023-04-18 | 28 | CrossLock Ransomware Emerges: New GoLang-Based Malware On the Horizon |